On Fri, Jun 20, 2003 at 09:08:08AM +0200, Zoki wrote:
> On 17/06/2003 20:54, "Michael H. Warfield" <[EMAIL PROTECTED]> wrote:
> 
> > On Sun, Jun 15, 2003 at 02:54:17PM -0500, srini Amble wrote:
> >> I am looking for RH 7.2 CDs. Can any of you please suggest a source for
> >> RH 7.2 CDs? I have tried to download the ISO images from the net but the
> >> MD5SUM never matches. I need these CDs because one of the applications I am
> >> trying to use works only with RH 7.2. Any help is very much appreciated.
> > 
> > If you do this, understand that there are an INCREDIBLE number
> > of security holes OOB (Out Of BOX) in that base version.  You must upgrade
> > to the latest RPMS (at which point, why install 7.2 in the first place)
> > or you will be owned before you can change your mind.

> *** Mike, read before you type: "one of the applications I am trying to use
> works only with RH 7.2". I guess the reason is pretty obvious, no!?

        No you don't understand or no you can't upgrade?

        How long do you want it to stay up before being broken into?
More than a day?  More than a week?  Apache can be owned, the various
mail services, imap, pop3, etc, can be owned.  Sendmail can be owned.
DNS can be owned.  Samba can be owned.  PHP can be owned.  I think lpr
can be owned as well.  The only way to keep it running will be to not connect
it to the net or not run any services.  Unless you want to have someone
break into it and you want to have your system used as a hacker platform.

        Right now, I spin up several RedHat 7.3 systems for honeypots.
I've got RedHat 7.3 OOB (Out Of the Box), updated to just prior to the
last Samba vulnerability, and completely up to date.  Side by side with
them are Mandrake Honeypots (OOB) and Debian Honeypots (OOB).  The ONLY
systems which are not broken into on a monthly basis are the fully up
to date "control" images.  Attacks and worms out there are actively scanning
and busting Apache and Samba.  The last kernel ptrace resulted in a scary
change in the Apache attacks.  Within 24 hours of that advisory, the
breakins went from slapper-type breakins resulting in user apache to full root
compromises with some rootkits even I had not seen or captured for my zoo
before now (which, for a security researcher like me, is bonus points).

        Find out WHY that application has that requirement and get it fixed.

> -- 
> Cheers,
> Zoran.
> 
> "Home is where you hang your @"

        Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  [EMAIL PROTECTED]
  /\/\|=mhw=|\/\/       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
